From 5a1d29b88fa01273a301b9f28be2005c74d0d127 Mon Sep 17 00:00:00 2001
From: Frederic Leger <frederic@webofmars.com>
Date: Sun, 3 Mar 2024 11:38:18 +0100
Subject: [PATCH] ci: use docker hub images directly

---
 .github/workflows/__shared-ci.yml     | 55 ++++++++++++++-------------
 .github/workflows/pull-request-ci.yml |  1 +
 .github/workflows/release.yml         | 22 -----------
 .tool-versions                        |  1 -
 skaffold.yaml                         | 13 -------
 5 files changed, 29 insertions(+), 63 deletions(-)
 delete mode 100644 skaffold.yaml

diff --git a/.github/workflows/__shared-ci.yml b/.github/workflows/__shared-ci.yml
index 8f8caca..498162a 100644
--- a/.github/workflows/__shared-ci.yml
+++ b/.github/workflows/__shared-ci.yml
@@ -71,6 +71,34 @@ jobs:
           file: coverage.lcov
           allow-empty: true
 
+  docker-build-images:
+    name: "Docker: Build Images"
+    needs: [golangci-lint, go-test, go-coverage, chart-testing]
+    uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@0.15.0
+    permissions:
+      actions: write
+      contents: read
+      id-token: write
+      issues: read
+      packages: write
+      pull-requests: read
+    secrets:
+      oci-registry-password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }}
+    with:
+      runs-on: '["self-hosted"]'
+      oci-registry: "docker.io"
+      oci-registry-username: ${{ vars.DOCKERHUB_REGISTRY_USERNAME }}
+      images: |
+        [{
+          "repository": "webofmars/http-header-authenticator",
+          "tag": "${{ inputs.tag }}",
+          "dockerfile": "./Dockerfile",
+          "platforms": [
+            "linux/amd64",
+            "linux/arm64"
+          ]
+        }]
+
   chart-testing:
     name: "Helm: Chart Testing"
     runs-on: self-hosted
@@ -112,30 +140,3 @@ jobs:
       - name: Run chart-testing (install)
         if: steps.list-changed.outputs.changed == 'true'
         run: ct install --target-branch ${{ github.event.repository.default_branch }}
-
-  docker-build-images:
-    name: "Docker: Build Images"
-    needs: [golangci-lint, go-test, go-coverage, chart-testing]
-    uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@0.15.0
-    permissions:
-      actions: write
-      contents: read
-      id-token: write
-      issues: read
-      packages: write
-      pull-requests: read
-    secrets:
-      oci-registry-password: ${{ secrets.GITHUB_TOKEN }}
-    with:
-      runs-on: '["self-hosted"]'
-      oci-registry: "ghcr.io"
-      images: |
-        [{
-          "name": "app",
-          "tag": "${{ inputs.tag }}",
-          "dockerfile": "./Dockerfile",
-          "platforms": [
-            "linux/amd64",
-            "linux/arm64"
-          ]
-        }]
diff --git a/.github/workflows/pull-request-ci.yml b/.github/workflows/pull-request-ci.yml
index 5492ce0..bf5ee4a 100644
--- a/.github/workflows/pull-request-ci.yml
+++ b/.github/workflows/pull-request-ci.yml
@@ -24,6 +24,7 @@ jobs:
     name: Continuous Integration
     uses: ./.github/workflows/__shared-ci.yml
     permissions:
+      actions: write
       contents: read
       id-token: write
       issues: read
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9717db2..1b5b4c5 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -43,28 +43,6 @@ jobs:
           publish: true
           disable-autolabeler: true
 
-      - uses: docker/login-action@v3
-        with:
-          registry: "ghcr.io"
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: docker/login-action@v3
-        with:
-          registry: "docker.io"
-          username: ${{ secrets.DOCKERHUB_REGISTRY_USER     }}
-          password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }}
-
-      - name: Push built images to Docker.io
-        run: |
-          APP_IMAGE="${{ fromJson(needs.ci.outputs.built-images).app.images[0] }}"
-          docker pull "$APP_IMAGE"
-          APP_TAG="${{ steps.update_release_draft.outputs.tag_name }}"
-          APP_REGISTRY_PATH="docker.io/webofmars"
-          APP_DOCKERIO_IMAGE="${APP_REGISTRY_PATH}/http-header-authenticator:$APP_TAG"
-          docker tag "$APP_IMAGE" "$APP_DOCKERIO_IMAGE"
-          docker push "$APP_DOCKERIO_IMAGE"
-
   helm-push:
     name: "Helm: push chart to harbor registry"
     needs: ci
diff --git a/.tool-versions b/.tool-versions
index 666cc48..f651ac6 100644
--- a/.tool-versions
+++ b/.tool-versions
@@ -1,2 +1 @@
-skaffold 2.8.0
 helm 3.12.1
diff --git a/skaffold.yaml b/skaffold.yaml
deleted file mode 100644
index d29937e..0000000
--- a/skaffold.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: skaffold/v4beta7
-kind: Config
-build:
-  local:
-    tryImportMissing: true
-    useBuildkit: true
-  tagPolicy:
-    gitCommit: {}
-  artifacts:
-    - image: http-header-authenticator
-      docker:
-        dockerfile: Dockerfile
-deploy: {}